VPN Policy Issues (GL-MT1300)

Hi, I did a quick search around the forums for anything that went over this type of issue and found many similar ones, but none exactly like this one. Please forgive me if this is the wrong place for this or if you have any links that I may have missed!!

I use WireGuard and currently have VPN policies configured to keep only ONE device (my AppleTV) behind the VPN. No other devices should use VPN. This was working to the best of my recollection up until I upgraded my Beryl (MT1300) firmware to version 3.201. I cannot say exactly whether it worked or not for about 48 hours before/after I upgraded, though. The issue is that even with the limited-access policies enabled, it puts every device on my LAN behind the VPN. All devices still have internet but they are all persistently behind the VPN unless I disable the VPN completely. I’ve toggled all of the policy options, reloaded VPN configurations and rebooted the router to death to see if it was a hiccup, but it seems to be persistent. Verified this by checking a “whatismyip” website which outputs the VPN location rather than my actual one on every device connected, as well as my ping responses out to the internet before/after VPN is enabled on the devices that should not be behind the VPN. I’ve confirmed that the same result happens with both WireGuard and OVPN.

Quick edit: I attempted to implement the policy in “reverse” and set all devices except for the AppleTV to “Do not use VPN”, and it still puts everything behind the VPN, so no dice there.

Anyone have any ideas? Thank you so much in advance!

It seems strange.

Firmware 3.201 fixed the policy specifically. I just checked and it worked.

I have two clients and I tried a MAC address based policy. I also chose the rules “do not use” or “only use”. All behave correctly.

Maybe you can reset the router and start over?

